oksign
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
@membranehq/clipackage from the npm registry. This is the official command-line interface for the Membrane platform and is a vendor-owned resource used to facilitate the integration. - [COMMAND_EXECUTION]: The skill operates by executing
membraneCLI commands to manage OKSign connections and run actions. It includes a proxy request feature (membrane request) that allows sending direct HTTP requests to the OKSign API via the Membrane platform, which handles authentication automatically. - [CREDENTIALS_UNSAFE]: The documentation explicitly promotes secure practices by advising against requesting API keys or tokens from the user, instead relying on the platform's centralized connection management system to handle the authentication lifecycle.
Audit Metadata